Summary of our findings on VeraCrypt usage

40% of Tails users are also VeraCrypt users (Tails+VeraCrypt
users), both inside and outside Tails.

60% of Tails+VeraCrypt users only use VeraCrypt outside of Tails.

Most of Tails+VeraCrypt users are regular users of VeraCrypt.

VeraCrypt is of more interest to people who are not using Linux as
their primary operating system.

VeraCrypt is still a reference when people think about encrypting
files.

Integrating VeraCrypt in Tails will prevent dangerous behaviors:

« I need to be able to open TrueCrypt file containers in Tails in
order to move files securely between Tails and Windows. Right now, I
have to copy my files unencrypted between Tails and Windows and this
is quite dangerous. »

Definition of the scope of our work:

85% of Tails+VeraCrypt users mostly don't use the .TC or .HC file extension.

76% of Tails+VeraCrypt users use file containers.

65% of Tails+VeraCrypt users use partitions.

65% of Tails+VeraCrypt users use hidden volumes.

55% of Tails+VeraCrypt users have legacy TrueCrypt volumes.

42% of Tails+VeraCrypt users use keyfiles.

A.2 UX & UI design sprint

The main developer and the UX designer working on this project gathered for
three days of sprint in Berlin, at the Onion Space, a coworking space for
Internet freedom technologists, on December 8, 9, and 10.

Definition of the scope of our work

We started by better defining the scope of our work based on the
preliminary research work that we did, both in terms of user needs
(through the survey) and technical feasibility (through the
backend code written until now).

We structure the scope of our work in four iterations. We will implement
and upstream each iteration one after the other and go as far as the
budget allows:

Paper prototyping

We created paper prototypes of the interactions that we designed for two key
user scenarios:

Scenario A: Unlocking a file container.

Scenario B: Creating a new partition.

Paper prototypes allowed us to:

Make our ideas come to life without having to write a single line of code.

Create a shared understanding between designer and developer.

Identify issues what we overlooked so far.

Example of a paper prototype showing steps of scenario A, locating the file
container and opening it using VeraCrypt Mounter:

We created our prototypes using
WireframeSketcher. WireframeSketcher is
proprietary software but can be installed in Tails easily. It includes sketchy
templates of all common user interface elements so you can create and modify
sketches very rapidly.

Paper prototyping was especially useful as our work modifies many bits and
pieces of existing GNOME utilities. It wouldn't have been possible to create
even a rough code prototype.

Formative testing with users

At the end of the first day, we started testing our prototypes with users.
During the sprint, we had seven people come over for sessions of one hour each.
After each test we debriefed our findings and improved our design.

We recruited the participants through a blog post on our
website and contacts we had in Berlin. We selected
people who were users of both Tails and VeraCrypt and gave priority to people
who were not using GNOME as their primary desktop environment.

Output

Since our work is meant to integrate VeraCrypt volumes in the native GNOME
utilities, we actually didn't design a lot of new interfaces. We modified two
existing dialogs of GNOME Disks for the creating of a new partition. Our
changes are circled in blue:

We designed a variant of the GVfs
dialog for the opening of encrypted volumes to include the additional options
required by VeraCrypt volumes:

We designed VeraCrypt Mounter, a very simple application wrapper that makes
it easier for users to learn how to use VeraCrypt in Tails and makes it faster
to open file containers:

The need for VeraCrypt Mounter arose as people all looked for something
called VeraCrypt in the menus because this it how they use VeraCrypt in other
operating systems. A paradox of our integration work is that it made using
VeraCrypt volumes too transparent for people to learn about it easily.

VeraCrypt Mounter would only be available in Tails. It's also optional in the
scope of our work as it could be replaced with a launcher pointing to our
documentation on VeraCrypt in Tails. Pointing to the documentation would lead
to similar success rates and would teach people better how to use VeraCrypt in
GNOME outside of Tails but it would be more time-consuming for first-time users
and a bit more frustrating than having VeraCrypt Mounter.

The most encouraging feedback that we got during the tests came from a digital
security trainer. She came to the tests because she frequently teaches
VeraCrypt but is very negative about the complexity and poor design of the
native VeraCrypt interface. She ended up being extremely positive about our
work as it finally looked like something she could teach people without too
much pain.

Having a better user experience than native VeraCrypt was not part of our
objectives initially but we are know convinced that it will be a key outcome:
our work will actually be much more usable than VeraCrypt itself.

B. Additional software

Our developers had a first successful sprint during which they could
dive into the problem space and start tackling the few issues that do
not need to wait for the UX & GUI design sprint.

B.4 Implement backend and GUI

We worked on a limitation of the backend (#9059) which
currently locks the opening of the desktop during more than a minute
without any feedback, when the Additional Software feature is activated.
We designed a
solution
to this problem and started implementing it (#9059).
The implementation is working, and should be reviewed and polished
within the next month.

We also fixed a problem that could theoretically happen in corner
cases, when the user has added to their list of additional software
a package that prompts upon installation (#6038).
The fix will be released in Tails 3.5 (January, 2018).